This forum is deprecated. Please visit https://github.com/smplayer-dev/smplayer/discussions

Windows DLL load hijacking exploits go wild

Problems, bugs, suggestions... anything related to SMPlayer.

Windows DLL load hijacking exploits go wild

Postby DrStrange » Thu Aug 26, 2010 9:39 pm

http://www.reuters.com/article/idUS2168761020100825

I did a scan of my OS using HD Moore's auditing tool. SMPlayer and other apps on my system showed as exploitable. Is this something that needs fixed, or should I not worry?
DrStrange
 
Posts: 1
Joined: Tue Jul 06, 2010 8:43 pm

Re: Windows DLL load hijacking exploits go wild

Postby redxii » Thu Aug 26, 2010 11:56 pm

No need to worry unless somehow a dll is missing that SMPlayer needs and somehow someone had access to your system to place a malicious replacement in the same directory as a file you're opening. SMPlayer includes all the needed QT dlls so it will load them and not look elsewhere.

One of the places Windows searches for dlls is the current working directory. If you open "foo.mkv" by double-clicking it in "C:\Movies\", and SMPlayer needed but is missing "bar.dll" then one of the places it'd look is "C:\Movies\". MS should just remove that search path, there's no reason to be searching there because there is no reason that a dependency would be there.

RVM could use this to remove cwd as a search directory; http://msdn.microsoft.com/en-us/library ... 85%29.aspx
User avatar
redxii
 
Posts: 520
Joined: Thu Dec 24, 2009 7:06 pm


Return to General

Who is online

Users browsing this forum: Google [Bot] and 36 guests